How blockchain can improve cybersecurity

Our increasingly connected and digital lives are making us more vulnerable to cyberattacks than ever. As was the case in previous years, 2016 saw a spate of cyberattacks of unprecedented proportions. Some of these incidents were a reminder that the internet is no longer fun and games.

Enter the blockchain, the distributed ledger that underlies the popular and controversial Bitcoin cryptocurrency, the technology that is the result of decades of research in cybersecurity and cryptography.

Here are some of the threats that might become a thing of the past with blockchain.

Man in the middle attacks

Current encrypted communications such as HTTPS and TLS rely on the Public Key Infrastructure (PKI) and Certificate Authorities (CA) to secure channels. Every participant has an asymmetric private/public encryption key pair (see this post for a brief explanation of how asymmetric encryption works), keeping the private key to themselves while making the public key available to the public through trusted a trusted broker (the CA).

When a user wants to establish a secure connection (such as sending an encrypted email or connecting to a website), they pull off their interlocutor’s public key from the broker’s repository and encrypt their data before sending it, knowing that it can only be decrypted at the destination where the private key exists.

Therefore, the integrity of the system will depend on how secure the central broker and holder of public keys is. If the CA goes down, communications fail.

If it becomes compromised, something worse will happen. Attackers will then be able to stage man-in-the-middle attacks by providing users with forged public keys, to which they hold the private keys, and they can thus decrypt sensitive information. (It’s actually a bit more complicated, but this is as simple as I can make it in a short paragraph.)

In contrast, a blockchain approach can make MitM attacks virtually impossible. When users publish their public keys on the blockchain, the information will be distributed across thousands and millions of nodes, and linked to previous blocks stored on the ledger.

It will be impossible for hackers to circumvent the cryptography that makes the blockchain immutable, and there will be no single node they can compromise to publish their fake keys.

Data tampering

Last February, hackers managed to compromise the website of Linux Mint and distribute their own infected version of the operating system, which contained a backdoor. Distributors usually publish hashes of their software binaries to provide users with a means to verify the authenticity of their copy.

However, the problem is, when hackers compromise the website, they’ll publish the hash of their own version of the operating system, duping unfortunate users into thinking they’ve downloaded the authentic version of the software.

The same can be applied to any other data that is made available to the public or distributed to a specific network. There’s no definite way to make sure the data hasn’t been tampered with if the hash can be compromised and changed.

In contrast, imagine a blockchain where every user can publish a hash associated to a particular file, OS image, software binary, or any other data which needs to be protected from tampering. While an attacker might be able to compromise the storage location and tamper with the data, they won’t be able to change the hash stored on the blockchain. This will make it known to everyone that the data has been manipulated.

The difference between the blockchain security and traditional models is that, instead of relying on preserving secrets, the blockchain relies on transparency and general knowledge to protect information and data.

What made the attack notable was that instead of attacking each of the websites, the attackers targeted the servers of Dyn, the company providing DNS services to millions of users. By bringing down Dyn’s server, all of the sites whose domains were being resolved through Dyn became inaccessible.

The Dyn attack was another example of how single points of failure and centralized systems are making us vulnerable. An even more evil scenario would be to compromise a DNS server and change entries to redirect users to malicious versions of websites.

A workaround would be to have a DNS system based on blockchain. Instead of relying on central DNS servers to store name-IP resolution pairs, every entry is registered on the blockchain and distributed among the nodes that constitute the blockchain.

This provides both transparency and security. Hackers will no longer be able to target the DNS infrastructure by attacking a specific server or server cluster, and the data entries can’t be tampered to direct traffic to malicious sources.

Final thoughts

The vulnerabilities of centralized systems are becoming more and more evident as cyberattacks grow in size and number. Decentralized alternatives can offer a workaround to those vulnerabilities, but they need to run on a platform that doesn’t introduce its own security holes. Blockchain might prove to be the technology to power secure, reliable and decentralized services. There are already many exciting projects being led in each of these fields. It will be interesting how the trend develops into a replacement for the infrastructure and models that we’ve been using for decades.

2 COMMENTS

Blockchain should really be called “trust chain” since trust is so fundamental in any IT-system or application. You must be able to trust a sensor delivering it’s IoT data, a financial transaction being ordered by the right party, and so on. Blockchains can be the solution needed to reinstate trust in crumbling first generation IoT initiatives.

However, it’s not the miracle cure for everything. It solves trust but doesn’t prevent data theft, for instance. For that, you need to encrypt all data at rest and in transit.

And there are many other security issues. But, solving the trust and ID management of device and user is a gigantic leap forward.

Yes, a fair assessment would be that blockchain could solve “some” but not “all” cyberthreats. Its transparent nature is a definite match for data tampering and key compromise, but data theft remains an issue, as you mentioned. There are, however, projects that promise to address that issue in the future.

TechTalks Newsletter

ABOUT US

At TechTalks, we examine trends in technology, how they affect the way we live and do business, and the problems they solve. But we also discuss the evil side of technology, the darker implications of new tech and what we need to look out for.
The idea is to be able to make the most out of the benefits provided by new tech trends and to minimize the trade-offs and costs.